Deploy HAProxy LoadBalancer in AWS using Ansible
Anudeep Nalla
Opensource Contributer | Platform Engineer | EX-NPCI | RHCA Level III | OpenShift | CEPH | CK{S,A,AD} | 3x Microsoft Certified | AWS CSA | Rancher | Nirmata | DevOps | Ansible | Jenkins | DevSecOps | Kyverno | Rook-Ceph
In this article, we are going to deploy HA-Proxy LoadBalancer on EC2-instance using Ansible.
Why Ansible…?
Ansible automates and simplifies repetitive, complex, and tedious operations. Everybody likes it because it brings huge time savings when we install packages or configure large numbers of servers.
I create Ansible-Roles for launching EC2 instance and deploy webserver and LoadBalancer Service using the Dynamic-Inventory concept.
If you do not know how to set up Dynamic inventory for AWS, please refer to my previous article.
https://www.dhirubhai.net/pulse/deploy-apache-web-server-using-aws-dynamic-inventory-anudeep-nalla/
So Let’s Start…
For this task, I’m creating three Ansible-roles…
1. For Launch AWS EC2 instances.
2. For launching Apache Webserver
3. And one more for HA-Proxy LoadBalancer
To create an Ansible-role, First create a directory /etc/ansible/roles and after that run command…
ansible-galaxy init role_name
1. Launch AWS EC2 instance:-
Code for launching the EC2 instance is below, I’m created 3 hosts for Webserver and 1 for LoadBalancer…
# tasks file for webserver
- name: Create Key Pair
ec2_key:
name: mykey15
aws_region: "{{ region }}"
register: ec2_key
- name: Copy Key to Local File
copy:
content: "{{ ec2_key.key.private_key }}"
dest: "{{ key_dest }}"
mode: '0600'
- name: Create Security Group - Allow SSh, HTTP
ec2_group:
name: sg_ansible_web
description: sg for web inventory
region: "{{ region }}"
rules:
- proto: tcp
from_port: 80
to_port: 80
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
cidr_ip: 0.0.0.0/0
register: sg_ansible_web
- name: Create Security Group - Allow SSh, HAProxy
ec2_group:
name: sg_ansible_lb
description: sg for lb inventory
region: "{{ region }}"
rules:
- proto: tcp
from_port: 8080
to_port: 8080
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
cidr_ip: 0.0.0.0/0
register: sg_ansible_lb
- name: Launch EC2 Instance for webserver
ec2:
key_name: mykey15
instance_type: t2.micro
image: "{{ image_id }}"
wait: yes
region: "{{ region }}"
count: 3
vpc_subnet_id: subnet-040fe014984c437d9
group_id: "{{ sg_ansible_web.group_id }}"
assign_public_ip: yes
state: present
instance_tags:
Name: webserver
register: web
- name: Launch EC2 Instance for lbserver
ec2:
key_name: mykey15
instance_type: t2.micro
image: "{{ image_id }}"
wait: yes
region: "{{ region }}"
count: 1
vpc_subnet_id: subnet-040fe014984c437d9
group_id: "{{ sg_ansible_lb.group_id }}"
assign_public_ip: yes
state: present
instance_tags:
Name: lbserver
register: lb
- name: Refresh Inventory File
meta: refresh_inventory
- pause:
minutes: 2
Code for Web
--- # tasks file for web - name: Install Required Package package: name: python3 state: present become: true - name: Install Apache Server package: name: httpd state: present become: true - name: copy web page from url get_url: dest: "/var/www/html" url: “https://raw.githubusercontent.com/Anuddeeph/AWS_WS_Using_Ansible/master/index.html" become: true - name: Start Apache Service service: name: httpd state: started
By Default, Ansible does not refresh the inventory in the middle of the running playbook, so we use the meta keyword refresh_inventory in the last of this code.
So, Ec2-Instance is launched…
2. Launch Webserver On EC2 instance:
Now I need to install httpd software on EC2 instance named webserver using Ansible
--- # tasks file for web - name: Install Required Package package: name: python3 state: present become: true - name: Install Apache Server package: name: httpd state: present become: true - name: copy web page from url get_url: dest: "/var/www/html" url: “https://raw.githubusercontent.com/Anuddeeph/AWS_WS_Using_Ansible/master/index.html" become: true - name: Start Apache Service service: name: httpd state: started
After running this role, my webserver is configured.
3. Configure HA-Proxy LoadBalancer:
Now I need to configure my load-balancer service on ec2 instance named lbserver.
# tasks file for lbserver - name: install haproxy software package: name: "haproxy" state: present become: true - name: copy my conf file of lb template: src: "haproxy.cfg" dest: "/etc/haproxy/haproxy.cfg" become: true - name: start service lb service: name: "haproxy" state: started become: true
Now, all roles are created successfully.
Now I created one playbook for running all roles in a single click…
- hosts: localhost roles: - ec2_host - hosts: tag_Name_webserver remote_user: ec2-user roles: - web - hosts: tag_Name_lbserver remote_user: ec2-user roles: - lbserver
Save this playbook as setup.yml and then run…
ansible-playbook setup.yml
Finally, LoadBalancer is configured in a single command…
Let’s see the output of this…
Finally, LoadBalancer is configured in a single command…
So let’s run my LoadBalancer IP and see it is working or not…
Yup … It’s working
Great it actually uses loadbalancer concept ...see it goes to all ip's according to roundrobin principal..
Now there is no load on any server as traffic increases load balancer manage it...
In this way our task completed successfully!!!!
?? Finally I successfully completed the TASK-3 of ansible... .
? I would like to thanks Mr.Vimal Daga for giving such challenging task which helps to solve real use cases of ansible.
GitHub Link: https://github.com/Anuddeeph/Deploy-Haproxy-In-aws-using-Ansible.git
??For any queries or suggestions DM me .
!! Thanking you all for visiting my article !!